autho 0.1.0

Authentication for web applications
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70

use axum::{
    extract::{FromRef, FromRequestParts},
    http::request::Parts,
    response::IntoResponse,
};
use axum_extra::extract::CookieJar;

use crate::{Backend, CookieSessionBackend, Session, SessionId};

pub fn get_session_id(
    cookie_name: &str,
    parts: &mut Parts,
) -> Option<SessionId> {
    let cookies = CookieJar::from_headers(&parts.headers);
    cookies.get(cookie_name)?.value().parse().ok()
}

pub async fn load_session<B: Backend + CookieSessionBackend>(
    backend: B,
    parts: &mut Parts,
) -> Result<Result<Session<B>, B>, B::Error> {
    if let Some(session_id) =
        get_session_id(backend.session_cookie_name(), parts)
    {
        if let Some(fields) = backend.load_session_data(&session_id).await? {
            Ok(Ok(Session::new(
                backend,
                session_id,
                fields.user_id,
                fields.data,
            )))
        } else {
            // NOTE: We renew the session id to ensure
            // users cannot choose their own session id.
            Ok(Err(backend))
        }
    } else {
        Ok(Err(backend))
    }
}

impl<B, S> FromRequestParts<S> for Session<B>
where
    B: CookieSessionBackend,
    B: FromRef<S>,
    B::Error: IntoResponse,
    S: Sync,
{
    type Rejection = B::Error;

    async fn from_request_parts(
        parts: &mut Parts,
        state: &S,
    ) -> Result<Self, Self::Rejection> {
        let backend: B = FromRef::from_ref(state);
        match load_session(backend, parts).await? {
            Ok(session) => {
                // This user has an existing session,
                Ok(session)
            }
            Err(backend) => {
                // Session id not set or session does not exist (anymore).
                let session_id = SessionId::new();
                let user_id = None;
                let data = backend.create_session_data().await?;
                Ok(Session::new(backend, session_id, user_id, data))
            }
        }
    }
}